Static task: static1
Behavioral task: behavioral1 (Sample: 13ce4f09b059abf601fb517fe00c2653_JaffaCakes118.exe, Resource: win7-20240704-en)
Behavioral task: behavioral2 (Sample: 13ce4f09b059abf601fb517fe00c2653_JaffaCakes118.exe, Resource: win10v2004-20240802-en)
General
Target: 13ce4f09b059abf601fb517fe00c2653_JaffaCakes118
Size: 669KB
MD5: 13ce4f09b059abf601fb517fe00c2653
SHA1: 71669fbd0aed4eeb7bd5e21439979174f900eb6e
SHA256: 42ae4aa79628afe953c73b163799798135483ef0d05d4ff14bdc450a068ea105
SHA512: 210f5daa5e3ee6efc846fd3ab8baf97cdd5bb8ff40523d6f5e014c20415bba16a56a78a617bf843f9c8de4eebd777e6e82a826b681740b261b0003d4a4c42568
SSDEEP: 12288:oxuj/5kQANn9MUHPVLoNjY+6z0AB0BZqBuA903FL+e66Q2qT:oo75kQArMyPVLAQPWO8bFKI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 13ce4f09b059abf601fb517fe00c2653_JaffaCakes118
Files
13ce4f09b059abf601fb517fe00c2653_JaffaCakes118.exe windows:5 windows x86 arch:x86
ccea3d96ef90697aefbd6d2712e875b9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
VirtualAlloc
GetCommandLineW
SetFileAttributesW
GetProfileSectionW
GetCurrentProcessId
AreFileApisANSI
SwitchToFiber
PeekConsoleInputA
ChangeTimerQueueTimer
RemoveDirectoryA
GetTimeFormatW
FindResourceW
GetCurrentThreadId
CreateFileMappingA
LocalUnlock
EnumCalendarInfoW
IsDebuggerPresent
GetOEMCP
ReadFileEx
ReplaceFileA
GlobalMemoryStatusEx
WriteTapemark
VirtualQueryEx
LocalSize
BindIoCompletionCallback
SetDefaultCommConfigW
winspool.drv
ClosePrinter
GetFormW
EndPagePrinter
EnumFormsA
GetPrinterW
GetPrinterDriverDirectoryW
DeletePrinterDataW
GetPrintProcessorDirectoryA
GetPrinterDataW
EnumMonitorsW
GetPrinterDataExW
WritePrinter
OpenPrinterW
DocumentPropertiesW
advapi32
OpenTraceW
GetTraceEnableLevel
RegEnumKeyW
AddAccessAllowedAce
ControlTraceW
BuildSecurityDescriptorW
CryptHashData
GetSidIdentifierAuthority
InitializeSecurityDescriptor
RegisterServiceCtrlHandlerW
EnumDependentServicesW
AllocateLocallyUniqueId
AreAllAccessesGranted
RegEnumKeyExW
SetEntriesInAclA
ConvertStringSecurityDescriptorToSecurityDescriptorW
LsaICLookupNames
comctl32
_TrackMouseEvent
ImageList_Add
ImageList_ReplaceIcon
InitCommonControls
InitCommonControlsEx
ImageList_GetImageCount
ImageList_GetBkColor
CreateStatusWindowW
ImageList_Read
ImageList_SetDragCursorImage
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_DragLeave
msvcrt
?set_terminate@@YAP6AXXZP6AXXZ@Z
exit
_mbsupr
abort
isupper
_setmode
_strdate
_ismbblead
_stat
frexp
ungetwc
_localtime64
_cabs
fclose
_lseek
_strdup
atoi
wcstoul
_snprintf
strcspn
_close
wprintf
??1bad_cast@@UAE@XZ
_isctype
_ultow
_mktemp
_mbsdec
??8type_info@@QBEHABV0@@Z
fflush
_memicmp
_open
memcpy
_winmajor
__lconv_init
_strcmpi
fseek
strcat
feof
crypt32
CryptUninstallDefaultContext
mscms
InternalGetPS2ColorRenderingDictionary
DeleteColorTransform
InternalGetPS2CSAFromLCS
InternalGetPS2ColorSpaceArray
OpenColorProfileA
TranslateBitmapBits
IsColorProfileValid
InstallColorProfileW
GetColorDirectoryA
GetColorProfileHeader
EnumColorProfilesA
OpenColorProfileW
CreateColorTransformW
InternalGetPS2PreviewCRD
Sections
BSS Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
BSS Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
TEXT Size: 11KB - Virtual size: 348KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 593KB - Virtual size: 930KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 258B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ